package com.peiwan.user.controller;

import com.peiwan.user.dto.UserDTO;
import com.peiwan.user.dto.UserCreateDTO;
import com.peiwan.user.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@RestController
@RequestMapping("/api/users")
public class UserController {

    @Autowired
    private UserService userService;

    @PostMapping("/register")
    public ResponseEntity<UserDTO> register(@RequestBody UserCreateDTO userCreateDTO) {
        return ResponseEntity.ok(userService.register(userCreateDTO));
    }

    @GetMapping("/current")
    public ResponseEntity<UserDTO> getCurrentUser() {
        return ResponseEntity.ok(userService.getCurrentUser());
    }

    @PutMapping("/profile")
    public ResponseEntity<UserDTO> updateProfile(@RequestBody UserDTO userDTO) {
        return ResponseEntity.ok(userService.updateProfile(userDTO));
    }

    @GetMapping
    public ResponseEntity<List<UserDTO>> getAllUsers() {
        return ResponseEntity.ok(userService.getAllUsers());
    }

    @GetMapping("/{username}")
    public ResponseEntity<UserDTO> getUserByUsername(@PathVariable String username) {
        return ResponseEntity.ok(userService.getUserByUsername(username));
    }

    @DeleteMapping("/{username}")
    public ResponseEntity<Void> deleteUser(@PathVariable String username) {
        userService.deleteUser(username);
        return ResponseEntity.ok().build();
    }

    @PutMapping("/{username}/permission")
    public ResponseEntity<Void> updateUserPermission(@PathVariable String username, @RequestParam String permission) {
        userService.updateUserPermission(username, permission);
        return ResponseEntity.ok().build();
    }

    @PutMapping("/{username}")
    public ResponseEntity<UserDTO> updateUser(@PathVariable String username, @RequestBody UserDTO userDTO) {
        return ResponseEntity.ok(userService.updateUser(username, userDTO));
    }

    @PutMapping("/{username}/password")
    public ResponseEntity<Void> updatePassword(@PathVariable String username, @RequestParam String password) {
        // 获取当前登录用户
        UserDTO currentUser = userService.getCurrentUser();
        // 检查是否是当前用户或管理员
        if (!currentUser.getUsername().equals(username) && !"admin".equals(currentUser.getPermission())) {
            return ResponseEntity.status(403).build();
        }
        // 更新密码
        UserDTO userDTO = new UserDTO();
        userDTO.setUsername(username);
        userDTO.setPassword(password);
        try {
            userService.updateUser(username, userDTO);
            return ResponseEntity.ok().build();
        } catch (Exception e) {
            return ResponseEntity.status(500).build();
        }
    }

    @GetMapping("/{username}/permission")
    public ResponseEntity<String> getUserPermission(@PathVariable String username) {
        return ResponseEntity.ok(userService.getUserPermission(username));
    }

    @GetMapping("/{username}/has-permission")
    public ResponseEntity<Boolean> hasPermission(@PathVariable String username, @RequestParam String permission) {
        return ResponseEntity.ok(userService.hasPermission(username, permission));
    }
}